diff --git a/.github/workflows/kvm-publishable-selfhosted.yml b/.github/workflows/kvm-publishable-selfhosted.yml
index a802f22..6a88b23 100644
--- a/.github/workflows/kvm-publishable-selfhosted.yml
+++ b/.github/workflows/kvm-publishable-selfhosted.yml
@@ -10,8 +10,6 @@ jobs:
     timeout-minutes: 360
 
     steps:
-      - uses: actions/checkout@v4
-
       - name: Ensure Nix Is Available
         run: |
           set -euo pipefail
@@ -37,6 +35,43 @@ jobs:
           printf '%s\n' 'experimental-features = nix-command flakes' > "$HOME/.config/nix/nix.conf"
           nix --version
 
+      - name: Checkout Repository
+        env:
+          REPO_URL: https://git.centraworks.net/centra/photoncloud-monorepo
+        run: |
+          set -euo pipefail
+          export PATH="/run/current-system/sw/bin:/usr/bin:/bin:$PATH"
+
+          choose_checkout_root() {
+            local candidate avail best="" best_avail=-1
+            for candidate in /var/tmp /tmp "$HOME"; do
+              mkdir -p "$candidate" 2>/dev/null || continue
+              avail="$(df -Pk "$candidate" 2>/dev/null | awk 'NR==2 { print $4 }')"
+              [[ -n "$avail" ]] || continue
+              if (( avail > best_avail )); then
+                best="$candidate"
+                best_avail="$avail"
+              fi
+            done
+            printf '%s\n' "$best"
+          }
+
+          checkout_root="$(choose_checkout_root)"
+          repo_root="$(mktemp -d "${checkout_root}/ultracloud-kvm-checkout.XXXXXX")"
+          auth="$(printf '%s' "${GITHUB_ACTOR}:${GITHUB_TOKEN}" | base64 | tr -d '\n')"
+
+          git init "$repo_root"
+          cd "$repo_root"
+          git remote add origin "$REPO_URL"
+          git -c http.extraHeader="AUTHORIZATION: basic ${auth}" fetch --depth=1 origin "${GITHUB_SHA}"
+          git checkout --detach FETCH_HEAD
+          git config --global --add safe.directory "$repo_root"
+
+          {
+            printf 'REPO_ROOT=%s\n' "$repo_root"
+            printf 'CHECKOUT_ROOT=%s\n' "$checkout_root"
+          } >> "$GITHUB_ENV"
+
       - name: Probe KVM Environment
         run: |
           set -euo pipefail
@@ -58,7 +93,10 @@ jobs:
             echo "kvm_amd_nested=$(cat /sys/module/kvm_amd/parameters/nested)"
           fi
           echo "runner_temp=${RUNNER_TEMP}"
+          echo "repo_root=${REPO_ROOT}"
+          echo "checkout_root=${CHECKOUT_ROOT}"
           df -h / /tmp /var/tmp "$RUNNER_TEMP" || true
+          df -h "$REPO_ROOT" || true
           df -h /nix || true
 
       - name: Run Publishable KVM Suite
@@ -70,5 +108,5 @@ jobs:
           elif [[ -f "$HOME/.nix-profile/etc/profile.d/nix.sh" ]]; then
             . "$HOME/.nix-profile/etc/profile.d/nix.sh"
           fi
-          chmod +x ./nix/test-cluster/run-publishable-kvm-suite.sh
+          cd "$REPO_ROOT"
           bash ./nix/test-cluster/run-publishable-kvm-suite.sh "$RUNNER_TEMP/publishable-kvm-suite"